<?php

$page = "account";
$display_error = array();
$mess=array();
require 'require.php';

$link_server = mysql_connect(OPENIDOO_DB_SERVER, OPENIDOO_DB_USER, OPENIDOO_DB_PASSWORD);
$select_db = mysql_select_db(OPENIDOO_DB_DATABASE, $link_server);

if (isset($_POST['oia_action']) && ($_POST['oia_action']) && isset($_POST['oia_email']) && ($_POST['oia_email']) && isset($_POST['oia_password']) && ($_POST['oia_password'])) {
	$display_error = array();
	if (!(isset($_POST['oia_email']) && (eregi("(^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,4}$)", $_POST['oia_email'])))) {
		$display_error[] = 'invalid_email';
	}

	if (!(isset($_POST['oia_password']))) {
		$display_error[] = 'invalid_password';
	}
	
	if (!(isset($_POST['oia_password']) && ($_POST['oia_password']) == $_SESSION['password'])) {
		$display_error[] = 'invalid_password';
	}
	

	if (count($display_error) == 0) {

		if ((!$link_server) or (!$select_db)) {
			die('Impossible de se connecter');
		} else {			
			if (!mysql_query("UPDATE openidoo_accounts SET email='".mysql_escape_string($_POST['oia_email'])."' WHERE user_id='".mysql_escape_string($_SESSION['user_id'])."'", $link_server)) {
				die('Une erreur est survenue');
			}else{
			$mess[]='mail';
			}
		}
	}
}

if (isset($_POST['oi_action']) && ($_POST['oi_action']) && isset($_POST['oia_password_old']) && ($_POST['oia_password_old'])) {
	$display_error = array();
	
	if (!(isset($_POST['oia_password_old']) && ($_POST['oia_password_old']) == $_SESSION['password'])) {
		$display_error[] = 'invalid_password_old';
	}
	if (!(isset($_POST['oia_password_old']))) {
		$display_error[] = 'invalid_password';
	}
	
	if ( (isset($_POST['oia_password_new']) && (!mb_strlen($_POST['oia_password_new']) > 2)) || ($_POST['oia_password_new']=="")) {
		$display_error[] = 'invalid_password_new';
	}
	if ( isset($_POST['oia_password_conf']) && ($_POST['oia_password_conf'] != $_POST['oia_password_new']) ){
		$display_error[] = 'invalid_password_conf';
	}

	if (count($display_error) == 0) {

		if ((!$link_server) or (!$select_db)) {
			die('Impossible de se connecter');
		} else {
		
			if (isset($_POST['oia_password_new']) && (mb_strlen($_POST['oia_password_new']) > 2)) {
				if (!mysql_query("UPDATE openidoo_accounts SET  password='".mysql_escape_string($_POST['oia_password_new'])."' WHERE user_id='".mysql_escape_string($_SESSION['user_id'])."'", $link_server)) {
					die('Une erreur est survenue');
				}else{
				 $_SESSION['password']=mysql_escape_string($_POST['oia_password_new']);
				 $mess[]='pass';
				}	
			}
		}
	}
	
	

}
if ((!$link_server) or (!$select_db)) {
	die('Impossible de se connecter');
} else {

	if (!($sql_email = mysql_query("SELECT user_id, email FROM openidoo_accounts WHERE user_id='".mysql_escape_string($_SESSION['user_id'])."'", $link_server))) {
		die('Une erreur est survenue');
	} else {
		$email_account = mysql_result($sql_email, 0, 'email');
	}
}

require 'html/top.html';
require 'html/account.html';
require 'html/bottom.html';

?>
